mirror of
https://github.com/avatao-content/baseimage-tutorial-framework
synced 2024-11-22 16:21:31 +00:00
Make semantics of whitelist and blacklist more explicit in webide
This commit is contained in:
parent
8bd6005b5d
commit
1922050e87
@ -40,7 +40,7 @@ class FileManager: # pylint: disable=too-many-instance-attributes
|
|||||||
def workdir(self, directory):
|
def workdir(self, directory):
|
||||||
if not exists(directory) or not isdir(directory):
|
if not exists(directory) or not isdir(directory):
|
||||||
raise EnvironmentError('"{}" is not a directory!'.format(directory))
|
raise EnvironmentError('"{}" is not a directory!'.format(directory))
|
||||||
if not self._is_whitelisted(directory):
|
if not self._is_in_whitelisted_dir(directory):
|
||||||
raise EnvironmentError('Directory "{}" is not in whitelist!'.format(directory))
|
raise EnvironmentError('Directory "{}" is not in whitelist!'.format(directory))
|
||||||
self._workdir = directory
|
self._workdir = directory
|
||||||
|
|
||||||
@ -65,7 +65,7 @@ class FileManager: # pylint: disable=too-many-instance-attributes
|
|||||||
@property
|
@property
|
||||||
def files(self):
|
def files(self):
|
||||||
return [self._relpath(file) for file in glob(join(self._workdir, '**/*'), recursive=True)
|
return [self._relpath(file) for file in glob(join(self._workdir, '**/*'), recursive=True)
|
||||||
if isfile(file) and self._is_whitelisted(file) and not self._is_blacklisted(file)]
|
if isfile(file) and self._is_in_whitelisted_dir(file) and not self._is_blacklisted(file)]
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def file_contents(self):
|
def file_contents(self):
|
||||||
@ -77,8 +77,8 @@ class FileManager: # pylint: disable=too-many-instance-attributes
|
|||||||
with open(self._filepath(self.filename), 'w', errors='surrogateescape') as ofile:
|
with open(self._filepath(self.filename), 'w', errors='surrogateescape') as ofile:
|
||||||
ofile.write(value)
|
ofile.write(value)
|
||||||
|
|
||||||
def _is_whitelisted(self, file):
|
def _is_in_whitelisted_dir(self, path):
|
||||||
return any(realpath(file).startswith(allowed_dir) for allowed_dir in self.allowed_directories)
|
return any(realpath(path).startswith(allowed_dir) for allowed_dir in self.allowed_directories)
|
||||||
|
|
||||||
def _is_blacklisted(self, file):
|
def _is_blacklisted(self, file):
|
||||||
return any(fnmatchcase(file, blacklisted) for blacklisted in self.exclude)
|
return any(fnmatchcase(file, blacklisted) for blacklisted in self.exclude)
|
||||||
|
Loading…
Reference in New Issue
Block a user